These pages are published after PatchSiren validates generated defensive summaries against stored public CVE and source evidence.
CVE-2026-3055 is a Citrix NetScaler out-of-bounds read vulnerability that CISA added to the Known Exploited Vulnerabilities (KEV) catalog on 2026-03-30. Because it is listed in KEV, defenders should treat it as a high-priority exposure and act on vendor guidance without delay. The supplied corpus does not include affected-version detail or a technical exploitation description beyond the vulnerability clas [truncated]
CVE-2025-7775 is a Citrix NetScaler memory overflow vulnerability that CISA added to the Known Exploited Vulnerabilities catalog on 2025-08-26. Because it is listed in KEV, defenders should treat remediation as urgent and follow vendor guidance immediately.
CVE-2024-8069 affects Citrix Session Recording and is described as a deserialization of untrusted data vulnerability. CISA added it to the Known Exploited Vulnerabilities catalog, so defenders should treat it as a priority remediation item and follow Citrix guidance immediately.
CVE-2024-8068 is a Citrix Session Recording improper privilege management vulnerability that CISA has added to its Known Exploited Vulnerabilities catalog. That KEV listing indicates the issue is considered actively exploited, so organizations using Citrix Session Recording should prioritize remediation and follow vendor guidance immediately. CISA’s entry sets a remediation due date of 2025-09-15.
CVE-2025-5777 affects Citrix NetScaler ADC and Gateway and is described as an out-of-bounds read vulnerability. CISA added it to the Known Exploited Vulnerabilities catalog on 2025-07-10, indicating active exploitation and noting known ransomware campaign use.
CVE-2025-6543 is a Citrix NetScaler ADC and Gateway buffer overflow vulnerability that CISA added to its Known Exploited Vulnerabilities catalog on 2025-06-30. The supplied corpus indicates known exploitation and directs defenders to apply vendor mitigations promptly. Because the public details provided here are limited, the most reliable defensive posture is to treat affected NetScaler deployments as urg [truncated]
CVE-2023-24489 is a Citrix Content Collaboration / ShareFile improper access control vulnerability that CISA added to the Known Exploited Vulnerabilities catalog on 2023-08-16. Because it is in KEV, organizations should treat it as urgent and follow Citrix mitigation guidance immediately. If mitigation is not available in your environment, CISA’s guidance is to discontinue use of the product.
CVE-2023-3519 is a Citrix NetScaler ADC and NetScaler Gateway code injection vulnerability that CISA added to its Known Exploited Vulnerabilities catalog on 2023-07-19. Because it is listed in KEV and marked as having known ransomware campaign use, defenders should treat it as an active, high-priority exposure. The supplied official guidance is to apply vendor mitigations immediately or discontinue use of [truncated]
CVE-2021-22941 is an improper access control vulnerability in Citrix ShareFile. CISA added it to the Known Exploited Vulnerabilities catalog on 2022-03-25 and marked it as having known ransomware campaign use. For defenders, this makes ShareFile deployments a time-sensitive patching and verification priority.
CVE-2020-8196 is a Citrix information disclosure vulnerability affecting Application Delivery Controller (ADC), Gateway, and SD-WAN WANOP appliances. In the supplied source data, CISA lists it in the Known Exploited Vulnerabilities catalog and instructs organizations to apply updates per vendor instructions. Because it is a KEV item, it should be treated as a priority remediation item, especially on inter [truncated]
CVE-2020-8195 is a Citrix information disclosure vulnerability affecting Application Delivery Controller (ADC), Gateway, and SD-WAN WANOP Appliance deployments. CISA added it to the Known Exploited Vulnerabilities catalog, which means defenders should treat it as a real-world risk and prioritize remediation using vendor guidance.
CVE-2020-8193 is a Citrix authorization bypass vulnerability affecting Application Delivery Controller (ADC), Gateway, and SD-WAN WANOP appliances. CISA added it to the Known Exploited Vulnerabilities catalog on 2021-11-03, which makes it a high-priority issue for defenders even though the supplied corpus does not include a CVSS score or deeper technical detail. Systems that provide external access or aut [truncated]
CVE-2019-19781 is a Citrix code execution vulnerability affecting Citrix ADC, Gateway, and SD-WAN WANOP Appliance. CISA classifies it as a Known Exploited Vulnerability and notes known ransomware campaign use, so defenders should treat remediation as urgent.
CVE-2019-13608 is a Citrix StoreFront Server XML External Entity (XXE) processing vulnerability that CISA has listed in its Known Exploited Vulnerabilities catalog. CISA also marks it as associated with known ransomware campaign use, which makes this a high-priority remediation item for any exposed Citrix StoreFront Server deployment.
CVE-2019-11634 is a Citrix Workspace Application and Receiver for Windows remote code execution vulnerability that CISA lists in its Known Exploited Vulnerabilities catalog. The KEV record indicates known ransomware campaign use, so this issue should be treated as a high-priority remediation item for any environment still running the affected Citrix client software.
